chris_h
24.10.08, 15:15
Hi,
ich habe einen Nameserver aufgesetzt, der sich eigenartig verhält. Ich vermute irgendwo einen Fehler in der Konfiguration. Er läuft auf einem aktuellen Debian.
/etc/host.conf
# Return every address listed for a host in /etc/hosts, not only the first.
multi on
# Lookup order: /etc/hosts first, then DNS ("bind").
# NOTE(review): on glibc systems the lookup order is normally taken from
# /etc/nsswitch.conf -- confirm that this line is still honoured.
order hosts,bind
/etc/bind/db.root
; <<>> DiG 9.3.4-P1.1 <<>> @e.root-servers.net . ns
; (1 server found)
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 63116
;; flags: qr aa rd; QUERY: 1, ANSWER: 13, AUTHORITY: 0, ADDITIONAL: 14
;; QUESTION SECTION:
;. IN NS
;; ANSWER SECTION:
. 518400 IN NS C.ROOT-SERVERS.NET.
. 518400 IN NS G.ROOT-SERVERS.NET.
. 518400 IN NS F.ROOT-SERVERS.NET.
. 518400 IN NS A.ROOT-SERVERS.NET.
. 518400 IN NS J.ROOT-SERVERS.NET.
. 518400 IN NS K.ROOT-SERVERS.NET.
. 518400 IN NS B.ROOT-SERVERS.NET.
. 518400 IN NS I.ROOT-SERVERS.NET.
. 518400 IN NS D.ROOT-SERVERS.NET.
. 518400 IN NS L.ROOT-SERVERS.NET.
. 518400 IN NS E.ROOT-SERVERS.NET.
. 518400 IN NS H.ROOT-SERVERS.NET.
. 518400 IN NS M.ROOT-SERVERS.NET.
;; ADDITIONAL SECTION:
A.ROOT-SERVERS.NET. 3600000 IN A 198.41.0.4
A.ROOT-SERVERS.NET. 3600000 IN AAAA 2001:503:ba3e::2:30
B.ROOT-SERVERS.NET. 3600000 IN A 192.228.79.201
C.ROOT-SERVERS.NET. 3600000 IN A 192.33.4.12
D.ROOT-SERVERS.NET. 3600000 IN A 128.8.10.90
E.ROOT-SERVERS.NET. 3600000 IN A 192.203.230.10
F.ROOT-SERVERS.NET. 3600000 IN A 192.5.5.241
F.ROOT-SERVERS.NET. 3600000 IN AAAA 2001:500:2f::f
G.ROOT-SERVERS.NET. 3600000 IN A 192.112.36.4
H.ROOT-SERVERS.NET. 3600000 IN A 128.63.2.53
H.ROOT-SERVERS.NET. 3600000 IN AAAA 2001:500:1::803f:235
I.ROOT-SERVERS.NET. 3600000 IN A 192.36.148.17
J.ROOT-SERVERS.NET. 3600000 IN A 192.58.128.30
J.ROOT-SERVERS.NET. 3600000 IN AAAA 2001:503:c27::2:30
;; Query time: 174 msec
;; SERVER: 192.203.230.10#53(192.203.230.10)
;; WHEN: Fri Oct 24 15:43:14 2008
;; MSG SIZE rcvd: 500
/etc/bind/named.conf.options
options {
// Working directory of named; relative file names are resolved against it.
directory "/var/cache/bind";
// from bind 9:
// [fetch-glue] is obsolete. In BIND 8, fetch-glue yes caused the
// server to attempt to fetch glue resource records it didn't have
// when constructing the additional data section of a response.
// This is now considered a bad idea and BIND 9 never does it.
// NOTE(review): per the comment above, this statement has no effect on
// BIND 9 and can presumably be dropped -- confirm with named-checkconf.
fetch-glue no;
// If there is a firewall between you and nameservers you want
// to talk to, you might need to uncomment the query-source
// directive below. Previous versions of BIND always asked
// questions using port 53, but BIND 8.1 and later use an unprivileged
// port by default.
// NOTE(review): keep this commented out. Pinning the source port to 53
// removes source-port randomisation, one of the resolver's defences
// against cache poisoning. Prefer a firewall rule that admits replies
// to unprivileged ports.
// query-source address * port 53;
// If your ISP provided one or more IP addresses for stable
// nameservers, you probably want to use them as forwarders.
// Uncomment the following block, and insert the addresses replacing
// the all-0's placeholder.
// forwarders {
// 0.0.0.0;
// };
auth-nxdomain no; # conform to RFC1035
# The forwarders record contains a list of servers to which queries
# should be forwarded. Enable this line and modify the IP address to
# your provider's name server. Up to three servers may be listed.
#forwarders { 192.0.2.1; 192.0.2.2; };
# Enable the next entry to prefer usage of the name server declared in
# the forwarders section.
#forward first;
# The listen-on record contains a list of local network interfaces to
# listen on. Optionally the port can be specified. Default is to
# listen on all interfaces found on your system. The default port is
# 53.
# Only the IPv4 loopback address is listed here, so the server accepts
# IPv4 queries on 127.0.0.1 only.
listen-on port 53 { 127.0.0.1; };
# The listen-on-v6 record enables or disables listening on IPv6
# interfaces. Allowed values are 'any' and 'none' or a list of
# addresses.
#listen-on-v6 { any; };
# NOTE(review): 127.0.0.1 is an IPv4 address; the IPv6 loopback is ::1.
# As written, this list likely matches no IPv6 address -- confirm the
# intent (::1 for loopback only, or none to disable IPv6 listening).
listen-on-v6 { 127.0.0.1; };
# The allow-query record contains a list of networks or IP addresses
# to accept and deny queries from. The default is to allow queries
# from all hosts.
# NOTE(review): leaving queries unrestricted is only acceptable while
# listen-on stays on loopback. If the server is ever bound to a routable
# address, restrict allow-query (and allow-recursion) to the local
# networks so that it does not act as an open resolver.
#allow-query { 127.0.0.1; };
# If notify is set to yes (default), notify messages are sent to other
# name servers when the zone data is changed. Instead of setting
# a global 'notify' statement in the 'options' section, a separate
# 'notify' can be added to each zone definition.
notify no;
};
Mehr habe ich nach der Default-Installation nicht geändert.
dig amazon.de > geht
dig www.amazon.de +trace > geht nicht:
; <<>> DiG 9.3.4-P1.1 <<>> www.amazon.de +trace
;; global options: printcmd
. 516630 IN NS G.ROOT-SERVERS.NET.
. 516630 IN NS I.ROOT-SERVERS.NET.
. 516630 IN NS F.ROOT-SERVERS.NET.
. 516630 IN NS C.ROOT-SERVERS.NET.
. 516630 IN NS D.ROOT-SERVERS.NET.
. 516630 IN NS K.ROOT-SERVERS.NET.
. 516630 IN NS J.ROOT-SERVERS.NET.
. 516630 IN NS B.ROOT-SERVERS.NET.
. 516630 IN NS E.ROOT-SERVERS.NET.
. 516630 IN NS A.ROOT-SERVERS.NET.
. 516630 IN NS L.ROOT-SERVERS.NET.
. 516630 IN NS M.ROOT-SERVERS.NET.
. 516630 IN NS H.ROOT-SERVERS.NET.
;; Received 492 bytes from 127.0.0.1#53(127.0.0.1) in 2 ms
de. 172800 IN NS L.DE.NET.
de. 172800 IN NS S.DE.NET.
de. 172800 IN NS F.NIC.de.
de. 172800 IN NS A.NIC.de.
de. 172800 IN NS C.DE.NET.
de. 172800 IN NS Z.NIC.de.
;; Received 289 bytes from 192.112.36.4#53(G.ROOT-SERVERS.NET) in 144 ms
amazon.de. 86400 IN NS udns1.ultradns.net.
amazon.de. 86400 IN NS udns2.ultradns.net.
;; Received 83 bytes from 89.213.253.189#53(L.DE.NET) in 34 ms
www.amazon.de. 7200 IN NS ns-932.amazon.com.
www.amazon.de. 7200 IN NS ns-931.amazon.com.
www.amazon.de. 7200 IN NS ns-923.amazon.com.
www.amazon.de. 7200 IN NS ns-921.amazon.com.
www.amazon.de. 7200 IN NS ns-912.amazon.com.
www.amazon.de. 7200 IN NS ns-911.amazon.com.
;; Received 167 bytes from 204.69.234.1#53(udns1.ultradns.net) in 100 ms
dig: couldn't get address for 'ns-932.amazon.com': failure
Weshalb fragt der DNS bei mir nicht bei den Nameservern von Amazon an?
Danke,
Chris
Ich habe einen Nameserver aufgesetzt, der sich eigenartig verhält. Ich vermute irgendwo einen Fehler in der Konfiguration. Er läuft auf einem aktuellen Debian.
/etc/host.conf
# Return every address listed for a host in /etc/hosts, not only the first.
multi on
# Lookup order: /etc/hosts first, then DNS ("bind").
# NOTE(review): on glibc systems the lookup order is normally taken from
# /etc/nsswitch.conf -- confirm that this line is still honoured.
order hosts,bind
/etc/bind/db.root
; <<>> DiG 9.3.4-P1.1 <<>> @e.root-servers.net . ns
; (1 server found)
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 63116
;; flags: qr aa rd; QUERY: 1, ANSWER: 13, AUTHORITY: 0, ADDITIONAL: 14
;; QUESTION SECTION:
;. IN NS
;; ANSWER SECTION:
. 518400 IN NS C.ROOT-SERVERS.NET.
. 518400 IN NS G.ROOT-SERVERS.NET.
. 518400 IN NS F.ROOT-SERVERS.NET.
. 518400 IN NS A.ROOT-SERVERS.NET.
. 518400 IN NS J.ROOT-SERVERS.NET.
. 518400 IN NS K.ROOT-SERVERS.NET.
. 518400 IN NS B.ROOT-SERVERS.NET.
. 518400 IN NS I.ROOT-SERVERS.NET.
. 518400 IN NS D.ROOT-SERVERS.NET.
. 518400 IN NS L.ROOT-SERVERS.NET.
. 518400 IN NS E.ROOT-SERVERS.NET.
. 518400 IN NS H.ROOT-SERVERS.NET.
. 518400 IN NS M.ROOT-SERVERS.NET.
;; ADDITIONAL SECTION:
A.ROOT-SERVERS.NET. 3600000 IN A 198.41.0.4
A.ROOT-SERVERS.NET. 3600000 IN AAAA 2001:503:ba3e::2:30
B.ROOT-SERVERS.NET. 3600000 IN A 192.228.79.201
C.ROOT-SERVERS.NET. 3600000 IN A 192.33.4.12
D.ROOT-SERVERS.NET. 3600000 IN A 128.8.10.90
E.ROOT-SERVERS.NET. 3600000 IN A 192.203.230.10
F.ROOT-SERVERS.NET. 3600000 IN A 192.5.5.241
F.ROOT-SERVERS.NET. 3600000 IN AAAA 2001:500:2f::f
G.ROOT-SERVERS.NET. 3600000 IN A 192.112.36.4
H.ROOT-SERVERS.NET. 3600000 IN A 128.63.2.53
H.ROOT-SERVERS.NET. 3600000 IN AAAA 2001:500:1::803f:235
I.ROOT-SERVERS.NET. 3600000 IN A 192.36.148.17
J.ROOT-SERVERS.NET. 3600000 IN A 192.58.128.30
J.ROOT-SERVERS.NET. 3600000 IN AAAA 2001:503:c27::2:30
;; Query time: 174 msec
;; SERVER: 192.203.230.10#53(192.203.230.10)
;; WHEN: Fri Oct 24 15:43:14 2008
;; MSG SIZE rcvd: 500
/etc/bind/named.conf.options
options {
// Working directory of named; relative file names are resolved against it.
directory "/var/cache/bind";
// from bind 9:
// [fetch-glue] is obsolete. In BIND 8, fetch-glue yes caused the
// server to attempt to fetch glue resource records it didn't have
// when constructing the additional data section of a response.
// This is now considered a bad idea and BIND 9 never does it.
// NOTE(review): per the comment above, this statement has no effect on
// BIND 9 and can presumably be dropped -- confirm with named-checkconf.
fetch-glue no;
// If there is a firewall between you and nameservers you want
// to talk to, you might need to uncomment the query-source
// directive below. Previous versions of BIND always asked
// questions using port 53, but BIND 8.1 and later use an unprivileged
// port by default.
// NOTE(review): keep this commented out. Pinning the source port to 53
// removes source-port randomisation, one of the resolver's defences
// against cache poisoning. Prefer a firewall rule that admits replies
// to unprivileged ports.
// query-source address * port 53;
// If your ISP provided one or more IP addresses for stable
// nameservers, you probably want to use them as forwarders.
// Uncomment the following block, and insert the addresses replacing
// the all-0's placeholder.
// forwarders {
// 0.0.0.0;
// };
auth-nxdomain no; # conform to RFC1035
# The forwarders record contains a list of servers to which queries
# should be forwarded. Enable this line and modify the IP address to
# your provider's name server. Up to three servers may be listed.
#forwarders { 192.0.2.1; 192.0.2.2; };
# Enable the next entry to prefer usage of the name server declared in
# the forwarders section.
#forward first;
# The listen-on record contains a list of local network interfaces to
# listen on. Optionally the port can be specified. Default is to
# listen on all interfaces found on your system. The default port is
# 53.
# Only the IPv4 loopback address is listed here, so the server accepts
# IPv4 queries on 127.0.0.1 only.
listen-on port 53 { 127.0.0.1; };
# The listen-on-v6 record enables or disables listening on IPv6
# interfaces. Allowed values are 'any' and 'none' or a list of
# addresses.
#listen-on-v6 { any; };
# NOTE(review): 127.0.0.1 is an IPv4 address; the IPv6 loopback is ::1.
# As written, this list likely matches no IPv6 address -- confirm the
# intent (::1 for loopback only, or none to disable IPv6 listening).
listen-on-v6 { 127.0.0.1; };
# The allow-query record contains a list of networks or IP addresses
# to accept and deny queries from. The default is to allow queries
# from all hosts.
# NOTE(review): leaving queries unrestricted is only acceptable while
# listen-on stays on loopback. If the server is ever bound to a routable
# address, restrict allow-query (and allow-recursion) to the local
# networks so that it does not act as an open resolver.
#allow-query { 127.0.0.1; };
# If notify is set to yes (default), notify messages are sent to other
# name servers when the zone data is changed. Instead of setting
# a global 'notify' statement in the 'options' section, a separate
# 'notify' can be added to each zone definition.
notify no;
};
Mehr habe ich nach der Default-Installation nicht geändert.
dig amazon.de > geht
dig www.amazon.de +trace > geht nicht:
; <<>> DiG 9.3.4-P1.1 <<>> www.amazon.de +trace
;; global options: printcmd
. 516630 IN NS G.ROOT-SERVERS.NET.
. 516630 IN NS I.ROOT-SERVERS.NET.
. 516630 IN NS F.ROOT-SERVERS.NET.
. 516630 IN NS C.ROOT-SERVERS.NET.
. 516630 IN NS D.ROOT-SERVERS.NET.
. 516630 IN NS K.ROOT-SERVERS.NET.
. 516630 IN NS J.ROOT-SERVERS.NET.
. 516630 IN NS B.ROOT-SERVERS.NET.
. 516630 IN NS E.ROOT-SERVERS.NET.
. 516630 IN NS A.ROOT-SERVERS.NET.
. 516630 IN NS L.ROOT-SERVERS.NET.
. 516630 IN NS M.ROOT-SERVERS.NET.
. 516630 IN NS H.ROOT-SERVERS.NET.
;; Received 492 bytes from 127.0.0.1#53(127.0.0.1) in 2 ms
de. 172800 IN NS L.DE.NET.
de. 172800 IN NS S.DE.NET.
de. 172800 IN NS F.NIC.de.
de. 172800 IN NS A.NIC.de.
de. 172800 IN NS C.DE.NET.
de. 172800 IN NS Z.NIC.de.
;; Received 289 bytes from 192.112.36.4#53(G.ROOT-SERVERS.NET) in 144 ms
amazon.de. 86400 IN NS udns1.ultradns.net.
amazon.de. 86400 IN NS udns2.ultradns.net.
;; Received 83 bytes from 89.213.253.189#53(L.DE.NET) in 34 ms
www.amazon.de. 7200 IN NS ns-932.amazon.com.
www.amazon.de. 7200 IN NS ns-931.amazon.com.
www.amazon.de. 7200 IN NS ns-923.amazon.com.
www.amazon.de. 7200 IN NS ns-921.amazon.com.
www.amazon.de. 7200 IN NS ns-912.amazon.com.
www.amazon.de. 7200 IN NS ns-911.amazon.com.
;; Received 167 bytes from 204.69.234.1#53(udns1.ultradns.net) in 100 ms
dig: couldn't get address for 'ns-932.amazon.com': failure
Weshalb fragt der DNS bei mir nicht bei den Nameservern von Amazon an?
Danke,
Chris